CVE-2015-7703
Last modified
CVE-2015-7703 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.. EPSS estimates a 3.85% chance of exploitation in the next 30 days.
Description
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ntp | Ntp | >= 4.2.0, < 4.2.8 |
| Ntp | Ntp | >= 4.3.0, < 4.3.77 |
| Ntp | Ntp | 4.2.8 |
| Oracle | Linux | 6 |
| Debian | Debian Linux | 7.0 |
| Debian | Debian Linux | 8.0 |
| Debian | Debian Linux | 9.0 |
| Netapp | Oncommand Performance Manager | All versions |
| Netapp | Oncommand Unified Manager | All versions |
| Netapp | Clustered Data Ontap | All versions |
| Netapp | Data Ontap | All versions |
| Redhat | Enterprise Linux Desktop | 6.0 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Server | 6.0 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Server Aus | 7.3 |
| Redhat | Enterprise Linux Server Aus | 7.4 |
| Redhat | Enterprise Linux Server Aus | 7.6 |
| Redhat | Enterprise Linux Server Aus | 7.7 |
| Redhat | Enterprise Linux Server Eus | 7.3 |
| Redhat | Enterprise Linux Server Eus | 7.4 |
| Redhat | Enterprise Linux Server Eus | 7.5 |
| Redhat | Enterprise Linux Server Eus | 7.6 |
| Redhat | Enterprise Linux Server Eus | 7.7 |
| Redhat | Enterprise Linux Server Tus | 7.3 |
| Redhat | Enterprise Linux Server Tus | 7.6 |
| Redhat | Enterprise Linux Server Tus | 7.7 |
| Redhat | Enterprise Linux Workstation | 6.0 |
| Redhat | Enterprise Linux Workstation | 7.0 |
References
- http://rhn.redhat.com/errata/RHSA-2016-0780.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-2583.htmlThird Party Advisory
- http://support.ntp.org/bin/view/Main/NtpBug2902Vendor Advisory
- http://www.debian.org/security/2015/dsa-3388Third Party Advisory
- http://www.securityfocus.com/bid/77278Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1033951Third Party Advisory, VDB Entry
- https://bugzilla.redhat.com/show_bug.cgi?id=1254547Issue Tracking, Third Party Advisory, VDB Entry
- https://security.gentoo.org/glsa/201607-15Third Party Advisory
- https://security.netapp.com/advisory/ntap-20171004-0001/Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-0780.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2016-2583.htmlThird Party Advisory
- http://support.ntp.org/bin/view/Main/NtpBug2902Vendor Advisory
- http://www.debian.org/security/2015/dsa-3388Third Party Advisory
- http://www.securityfocus.com/bid/77278Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1033951Third Party Advisory, VDB Entry
- https://bugzilla.redhat.com/show_bug.cgi?id=1254547Issue Tracking, Third Party Advisory, VDB Entry
- https://security.gentoo.org/glsa/201607-15Third Party Advisory
- https://security.netapp.com/advisory/ntap-20171004-0001/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-7703?
How severe is CVE-2015-7703?
How do I fix CVE-2015-7703?
Are you affected by CVE-2015-7703?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST